@yefim There's a checkbox when signing in to only access public repos.
Generally, all the app needs is read-only access to commit logs, but there is no fine grained OAuth scope that could be used. See https://www.retrogit.com/faq for more details.

@mihai I envy you for making this. You will wonder that I was working on the exact same idea. In fact, I had written some initial code for doing so. I was thinking of completing the project with the new year, but you just beat me by a few days. Looking at the amazing implementation from your side, I don't think I'll continue on this anymore. I have what I wanted finally.
As a product feedback, it is very beautifully done. I love how you use punch card in the interface for giving that retro feeling. Even the button styles used are nice. I'm sure, it will be very useful for the people who are regular on github. Just as timehop is for the people who are regular on social networks. It's like a reminder of one's dumbness exactly a year back.
Also, as quoted earlier, I'll be slightly worried if some app is taking private repo access from me. Specially when the access token is going to reside at the server. Then it becomes your responsibility to keep that access token safe. (I'm assuming you are taking some measures there) Initially, I was thinking in terms of doing a client side mobile thing that would keep the access tokens with the client only. But there are obvious issues with that approach.
But anyway, beautifully executed in a very usable manner.